
A recently discovered backdoor malware called BPFdoor has been stealthily targeting Linux and Solaris systems without being noticed for more than five years.

BPFdoor is a Linux/Unix backdoor that allows threat actors to remotely connect to a Linux shell to gain complete access to a compromised device.

The malware does not need to open ports, it can’t be stopped by firewalls, and can respond to commands from any IP address on the web, making it the ideal tool for corporate espionage and persistent attacks.

On World Password Day, May 5, Google, Microsoft and Apple joined hands to “kill” the password.

The three technology giants have vowed to create a future where your phone will be the primary source of online authentication. The new standard is being referred to as “multi-device FIDO credential”.

In a rare show of alliance, Apple, Google and Microsoft have joined forces to expand support for passwordless logins across mobile, desktop and browsers.

Passwords are notoriously insecure, with weak and easily guessable credentials accounting for more than 80% of all data breaches, per Verizon’s annual data breach report. While password managers and multi-factor technologies offer incremental improvements, Apple, Google and Microsoft are working together to create sign-in technology that is more convenient and more secure.

Through the new system, users will be able to sign in to their accounts “through the same action that they take multiple times each day to unlock their devices, such as a simple verification of their fingerprint or face, or a device PIN.”

The new approach would protect people against phishing and the logins would be more secure compared to passwords and legacy multi-factor technologies such as one-time passcodes sent over SMS.


Those who call for mandatory reporting have the right intent, but if it’s not implemented in the right way, it will cause more harm than good.

Mandatory reporting almost always puts companies at risk, either legally or through financial penalties. Penalizing an organization for not reporting a breach in time puts it in a worse cybersecurity posture because it is a strong incentive to turn a blind eye to attacks. Alternatively, if a company knows of a breach, it will find ways to “classify” it in a way that falls into a reporting loophole.

The reporting timelines in the law are arbitrary and not based in the reality of effective incident response. The first hours and days after a breach are integral to the actual incident reporting process, but they are chaotic, and teams are sleep-deprived. Working with lawyers to determine how to report and figuring out the evidence that companies do and don’t want to “see” just makes the process harder.

A new malicious campaign has been spotted taking advantage of Windows event logs to stash chunks of shellcode for the first time in the wild.

“It allows the ‘fileless’ last stage trojan to be hidden from plain sight in the file system,” Kaspersky researcher Denis Legezo said in a technical write-up published this week.

The stealthy infection process, not attributed to a known actor, is believed to have commenced in September 2021 when the intended targets were lured into downloading compressed .RAR files containing Cobalt Strike and Silent Break.

The U.S. Department of Treasury today sanctioned cryptocurrency mixer Blender.io used last month by the North Korean-backed Lazarus hacking group to launder funds stolen from Axie Infinity’s Ronin bridge.

In the wake of the attack, Sky Mavis (the bridge’s creator) revealed that hackers breached the Ronin bridge on March 23 to steal 173,600 Ethereum and 25.5M USDC tokens in two transactions worth $617 million at the time, the largest cryptocurrency hack in history.

The previous most significant theft of cryptocurrency was the $611 million Poly Network hack in August 2021.

Tenet Healthcare Corporation recently experienced a cybersecurity incident in April 2022, which resulted in a temporary disruption to a subset of acute care operations.

The report from Tenet comes on the heels of telephone and computer problems at St. Mary’s Medical Center and Good Samaritan Medical Center in West Palm Beach, Florida, that were reported by WPTV NewsChannel 5. Tenet Health is the parent company of both medical centers.

Patients and staff have contacted WPTV NewsChannel 5 expressing concerns about patient care tied to limits of electronic charting and their inability to communicate by telephone.

When it comes to responding to emerging threats, the Pentagon’s director for electromagnetic warfare suggested today that the US military’s electronic warfare organization should borrow a leaf from SpaceX.

SpaceX founder Elon Musk said that Russia had jammed Starlink terminals in Ukraine for hours at a time after SpaceX shipped Starlink terminals to Ukraine in February in an apparent effort to help Ukraine preserve its internet connection amid the war with Russia. Starlink was back up and running after a software upgrade, according to Musk, who added on March 25 that the constellation had “resisted all hacking & jamming attempts” in Ukraine.

Assuming Musk — who is known for being a showboater in his public pronouncements — is giving an accurate image, a private company thwarting Russian EW attempts with software updates is the kind of thing that makes Pentagon EW experts sit up and take notice.

“That’s wonderful from the standpoint of an EW technologist,” Dave Tremper, head of electronic warfare for the Pentagon’s acquisition office, remarked. “That paradigm and how they executed that is sort of eyewatering to me. We need to be able to upgrade in the same way that Starlink was able to when a threat appeared. We need to be able to modify our electromagnetic posture quickly, and we need to be able to change what we’re attempting to do without sacrificing capabilities.”


James McCall Springer: Hmmm… So quantum computing systems aren’t close to being perfected BUT they’re being used for ransomware attacks?

Is “bleepingcomputer” a bs sensationalist media producer like Futurism?



The “special operation” as Russia calls it has come with a threat of nuclear war, and consequences for food and energy security for many.